ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5 source package in Ubuntu
Changelog
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.5) trusty-security; urgency=medium * SECURITY UPDATE: denial of service via crafted NUL-byte in configuration directive - debian/patches/CVE-2015-5146.patch: properly validate command in ntpd/ntp_control.c. - CVE-2015-5146 * SECURITY UPDATE: denial of service via malformed logconfig commands - debian/patches/CVE-2015-5194.patch: fix logconfig logic in ntpd/ntp_parser.y. - CVE-2015-5194 * SECURITY UPDATE: denial of service via disabled statistics type - debian/patches/CVE-2015-5195.patch: handle unrecognized types in ntpd/ntp_config.c. - CVE-2015-5195 * SECURITY UPDATE: file overwrite via remote pidfile and driftfile configuration directives - debian/patches/CVE-2015-5196.patch: disable remote configuration in ntpd/ntp_parser.y. - CVE-2015-5196 - CVE-2015-7703 * SECURITY UPDATE: denial of service via precision value conversion - debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in include/ntp.h. - CVE-2015-5219 * SECURITY UPDATE: timeshifting by reboot issue - debian/patches/CVE-2015-5300.patch: disable panic in ntpd/ntp_loopfilter.c. - CVE-2015-5300 * SECURITY UPDATE: incomplete autokey data packet length checks - debian/patches/CVE-2015-7691.patch: add length and size checks to ntpd/ntp_crypto.c. - CVE-2015-7691 - CVE-2015-7692 - CVE-2015-7702 * SECURITY UPDATE: memory leak in CRYPTO_ASSOC - debian/patches/CVE-2015-7701.patch: add missing free in ntpd/ntp_crypto.c. - CVE-2015-7701 * SECURITY UPDATE: denial of service by spoofed KoD - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c. - CVE-2015-7704 - CVE-2015-7705 * SECURITY UPDATE: denial of service via same logfile and keyfile - debian/patches/CVE-2015-7850.patch: rate limit errors in include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c, libntp/msyslog.c. - CVE-2015-7850 * SECURITY UPDATE: ntpq atoascii memory corruption - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in ntpq/ntpq.c. - CVE-2015-7852 * SECURITY UPDATE: buffer overflow via custom refclock driver - debian/patches/CVE-2015-7853.patch: properly calculate length in ntpd/ntp_io.c. - CVE-2015-7853 * SECURITY UPDATE: denial of service via ASSERT in decodenetnum - debian/patches/CVE-2015-7855.patch: simply return fail in libntp/decodenetnum.c. - CVE-2015-7855 * SECURITY UPDATE: symmetric association authentication bypass via crypto-NAK - debian/patches/CVE-2015-7871.patch: drop unhandled packet in ntpd/ntp_proto.c. - CVE-2015-7871 * debian/control: add bison to Build-Depends. * debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. * This package does _not_ contain the changes from (1:4.2.6.p5+dfsg-3ubuntu2.14.04.4) in trusty-proposed. -- Marc Deslauriers <email address hidden> Fri, 23 Oct 2015 11:47:46 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
ntp_4.2.6.p5+dfsg.orig.tar.gz | 3.9 MiB | 17f0b63e7e27de5cc999a4afdb96b2dbdf76c75181fca50e2395e49e5773dfc9 |
ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.5.debian.tar.gz | 130.0 KiB | 52acd00bb07e652d5ead1c54a518dccab4f1e8dcd810320305efb9b8a9963c28 |
ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.5.dsc | 2.3 KiB | b8d9b13c64c7b18dd978895ecbbaf273dcf2c7ac7dc3c4523793a7f64b62e980 |
Available diffs
Binary packages built by this source
- ntp: Network Time Protocol daemon and utility programs
NTP, the Network Time Protocol, is used to keep computer clocks
accurate by synchronizing them over the Internet or a local network,
or by following an accurate hardware receiver that interprets GPS,
DCF-77, NIST or similar time signals.
.
This package contains the NTP daemon and utility programs. An NTP
daemon needs to be running on each host that is to have its clock
accuracy controlled by NTP. The same NTP daemon is also used to
provide NTP service to other hosts.
.
For more information about the NTP protocol and NTP server
configuration and operation, install the package "ntp-doc".
- ntp-dbgsym: debug symbols for package ntp
NTP, the Network Time Protocol, is used to keep computer clocks
accurate by synchronizing them over the Internet or a local network,
or by following an accurate hardware receiver that interprets GPS,
DCF-77, NIST or similar time signals.
.
This package contains the NTP daemon and utility programs. An NTP
daemon needs to be running on each host that is to have its clock
accuracy controlled by NTP. The same NTP daemon is also used to
provide NTP service to other hosts.
.
For more information about the NTP protocol and NTP server
configuration and operation, install the package "ntp-doc".
- ntp-doc: Network Time Protocol documentation
NTP, the Network Time Protocol, is used to keep computer clocks
accurate by synchronizing them over the Internet or a local network,
or by following an accurate hardware receiver that interprets GPS,
DCF-77, NIST or similar time signals.
.
This package contains HTML documentation for the ntp packages (ntp,
ntpdate). Since there are no substantive man pages for ntp's
programs and configuration files, this package is desirable for any
setup beyond the simple default configuration.
- ntpdate: client for setting system time from NTP servers
NTP, the Network Time Protocol, is used to keep computer clocks
accurate by synchronizing them over the Internet or a local network,
or by following an accurate hardware receiver that interprets GPS,
DCF-77, NIST or similar time signals.
.
ntpdate is a simple NTP client that sets a system's clock to match
the time obtained by communicating with one or more NTP servers. It
is not sufficient, however, for maintaining an accurate clock in the
long run. ntpdate by itself is useful for occasionally setting the
time on machines that do not have full-time network access, such as
laptops.
.
If the full NTP daemon from the package "ntp" is installed, then
ntpdate is not necessary.
- ntpdate-dbgsym: debug symbols for package ntpdate
NTP, the Network Time Protocol, is used to keep computer clocks
accurate by synchronizing them over the Internet or a local network,
or by following an accurate hardware receiver that interprets GPS,
DCF-77, NIST or similar time signals.
.
ntpdate is a simple NTP client that sets a system's clock to match
the time obtained by communicating with one or more NTP servers. It
is not sufficient, however, for maintaining an accurate clock in the
long run. ntpdate by itself is useful for occasionally setting the
time on machines that do not have full-time network access, such as
laptops.
.
If the full NTP daemon from the package "ntp" is installed, then
ntpdate is not necessary.